SSL Weak-point

secure_150In hind sight many problems are very simple to avoid.

I’d like to share this tip so that you might not get caught out as easily as we did.

Check the expiry dates of your SSL certificates and diarise a reminder for their renewal a few days before expiry. EVEN IF YOU HAVE THEM SET FOR AUTOMATIC RENEWAL.

Yesterday one of our systems just stopped responding, a backend service that is only accessed by program calls, it took a little while before we tried to connect to it with a browser and were confronted by the certificate issue.

Turns out our provider’s auto renewal process had failed and they had no alert monitoring. The provider follow-up unfortunately lacked the level of urgency expected for a live customer system totally broken, resulting in a 18+ hour outage and no doubt a provider review.


Special data needs

Business apps can have some special data needs.

One we have been working on lately stores a large supplier database on the phone. However the information does change and needs to be updated easily and with no inconvenience to the user.

The first thing this app does after install is load the current database from the client server. From then on a check is made every four hours to ensure the app database is current and updated if need be. The time between checks must of course be configurable and transparent to the user. But what happens if there is no Internet connection? In the short term this isn’t a problem as the app will issue regular reminders that the information must be synced with the backend server. After a period of time (again configurable) the app will no longer operate if the database has not been synced and the local data will be erased. After an extended period the app will remove itself from the user device.

Robust data integrity capabilities like these are common in business applications and demonstrate the value of engaging with a development group who have large scale business experience as well as the skills to work with mobile platforms.

Apps vs Mobile Web

As a business, when you develop and deploy information to the mobile world there are a multitude of things to be considered.

You have a team of really talented and technical IT staff that could do the work, but can they really? If your staff are not constantly working in the mobile sphere how relevant are their skill sets, what was covered at University even a year or so back is no longer best practice. The world of mobiles changes almost daily, the pace of development is frenetic in both hardware and software. The mobile platform on which your customers will consume information will have a lifespan of a couple of years at most.

Recently there has been much discussion around developing a mobile web site that can be viewed by any phone with a browser against the overhead of developing multiple programmed applications for the various phone platforms. On the surface the idea of one website seems simple, the reality though is anything but. Every model of phone has a different screen size, optimising for that is non-trivial, added to which are a multitude of mobile browsers all with their own quirks which need testing and catering to.

The technical team at Pocketware provide objective advice on the best technical approach to use depending on the particular business needs and issues such as stability, security and access to individual platform hardware for the wide range of devices and technologies currently available. Recent developments like HTML5 are blurring the boundaries between native apps and websites, an understanding of the pros and cons of these options in addition to the current skill sets to utilise them is critical to your mobile development.